Computer Weekly

Exploiting Software: How to Break Code, Chapter 7 -- Buffer Overflow

This excerpt is from Chapter 7, Buffer Overflow of Exploiting Software: How to Break Code written by Greg Hoglund and Gary McGraw, and published by Addison-Wesley ...
CSOonline

CISA, FBI call software with buffer overflow issues ‘unforgivable’

The federal directive forbids vendors from shipping software with such flaws, and flags recent Microsoft, and Ivanti zero-days as examples. FBI and CISA have issued a joint advisory to warn software ...
WeLiveSecurity

What are buffer overflow attacks and how are they thwarted?

The Morris worm of 1988 was one of those industry-shaking experiences that revealed how quickly a worm could spread using a vulnerability known as a buffer overflow or buffer overrun. Around 6,000 of ...
Homeland Security Today

CISA and FBI Warn of Malicious Cyber Actors Using Buffer Overflow Vulnerabilities to Compromise Software

CISA and the Federal Bureau of Investigation (FBI) have released a Secure by Design Alert, Eliminating Buffer Overflow Vulnerabilities, as part of their cooperative Secure by Design Alert series—an ...
CSOonline

What is a buffer overflow? And how hackers exploit these vulnerabilities

A buffer overflow or overrun is a memory safety issue where a program does not properly check the boundaries of an allocated fixed-length memory buffer and writes more data than it can hold. This ...
TechSpot

US cyber defense agency urges developers to eliminate buffer overflow vulnerabilities

Bottom line: The US Cybersecurity and Infrastructure Security Agency is once again reminding IT manufacturers and developers that buffer overflow vulnerabilities must be eradicated from software. In ...
Ars Technica

Cisco ASA Software IKEv1 and IKEv2 Buffer Overflow Vulnerability

"A vulnerability in the Internet Key Exchange (IKE) version 1 (v1) and IKE version 2 (v2) code of Cisco ASA Software could allow an unauthenticated, remote attacker to cause a reload of the affected ...